open ticket

There is a micro-architectural (hardware) implementation issue affecting many modern microprocessors which can be mitigated in the Linux kernel alone or in combination with a microcode update. An unprivileged attacker can use this flaw to bypass restrictions to gain read access to privileged memory which would otherwise be inaccessible. There are three known CVEs for this issue related to Intel, AMD, and ARM architectures - additional vulnerabilities for other architectures also exist, such as POWER (both big and little endian, V8 and V9). For more information, please review the ‘Overview’ and ‘Impact’ tabs on the article below: The vulnerability has been assigned CVE-2017-5754, CVE-2017-5753 & CVE-2017-5715. This issue was publicly disclosed on Wednesday, January 3, 2018 and is rated as Important [1].